Skip to content

[pre-commit.ci] pre-commit autoupdate #14110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Pierre-Sassoulas merged 8 commits into from
Jan 13, 2026
Merged

[pre-commit.ci] pre-commit autoupdate #14110

Pierre-Sassoulas merged 8 commits into from
Jan 13, 2026
+24 −24

Conversation

@pre-commit-ci
Copy link
Contributor

@pre-commit-ci pre-commit-ci bot commented Jan 12, 2026

@Pierre-Sassoulas
Copy link
Member

Pierre-Sassoulas commented Jan 13, 2026

Executed locally, the zizmor issue is "action is not pinned to a hash (required by blanket policy)" * 20

@Pierre-Sassoulas Pierre-Sassoulas added the skip news used on prs to opt out of the changelog requirement label Jan 13, 2026
@bluetech
Copy link
Member

bluetech commented Jan 13, 2026

Executed locally, the zizmor issue is "action is not pinned to a hash (required by blanket policy)" * 20

I think we should fix it, it's good to pin with hashes, and dependabot supports updating the pin so it shouldn't be a maintenance headache AFAIK. I will look into pushing the pins to this PR in a bit unless you beat me to it :)

@webknjaz
Copy link
Member

webknjaz commented Jan 13, 2026

dependabot supports updating the pin so it shouldn't be a maintenance headache AFAIK

Make sure to leave # v1.0.0 comments matching the commits in your PR. Dependabot updates such comments with actual tags when in offers bumps. But I think this might get out-of-sync if the version in comment doesn't match the hash at the time of the dependabot run.

@Pierre-Sassoulas Pierre-Sassoulas self-assigned this Jan 13, 2026
Pierre-Sassoulas and others added 8 commits January 13, 2026 15:54
@Pierre-Sassoulas
[pre-commit zizmor] Make zizmor output legible in pre-commit.ci
bd1ef86
@Pierre-Sassoulas
[zizmor] Set 'actions/setup-python''s version by hash
8e821d6
@Pierre-Sassoulas
[zizmor] Set 'actions/checkout''s version by hash
40a5007
@Pierre-Sassoulas
[zizmor] Set 'actions/download-artifact''s version by hash
69f9cc4
@Pierre-Sassoulas
[zizmor] Set 'actions/upload-artifact''s version by hash
a7b745c
@Pierre-Sassoulas
[zizmor] Set 'actions/stale''s version by hash
9debe00
@Pierre-Sassoulas
[zizmor] Set 'actions/cache''s version by hash
1e601c3
@pre-commit-ci @Pierre-Sassoulas
[pre-commit.ci] pre-commit autoupdate
0839504 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.14.10 → v0.14.11](astral-sh/ruff-pre-commit@v0.14.10...v0.14.11)
- [github.com/woodruffw/zizmor-pre-commit: v1.19.0 → v1.20.0](zizmorcore/zizmor-pre-commit@v1.19.0...v1.20.0)
- [github.com/RobertCraigie/pyright-python: v1.1.407 → v1.1.408](RobertCraigie/pyright-python@v1.1.407...v1.1.408)
@Pierre-Sassoulas Pierre-Sassoulas force-pushed the pre-commit-ci-update-config branch from df76d24 to 0839504 Compare January 13, 2026 15:01
@Pierre-Sassoulas
Copy link
Member

Pierre-Sassoulas commented Jan 13, 2026

I did that and also fixed the zizmor output in bd1ef86

bluetech
bluetech approved these changes Jan 13, 2026
View reviewed changes
Copy link
Member

@bluetech bluetech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@Pierre-Sassoulas Pierre-Sassoulas merged commit d794da3 into main Jan 13, 2026
33 checks passed
@Pierre-Sassoulas Pierre-Sassoulas deleted the pre-commit-ci-update-config branch January 13, 2026 18:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bluetech bluetech bluetech approved these changes

Assignees

@Pierre-Sassoulas Pierre-Sassoulas

Labels

skip news used on prs to opt out of the changelog requirement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Pierre-Sassoulas @bluetech @webknjaz